Nick Milas wrote:
On 29/5/2012 7:42 μμ, Michael Ströder wrote:
> There's a SLAPI plugin for 389 DS which supports MIT Kerberos. A C programmer
> might be able to adapt this as an OpenLDAP overlay (similar to OpenLDAP's
Sorry, couldn't one use the SLAPI plugin as is in OpenLDAP, since SLAPI
support is available (SLAPI plugins are supposed to be able to work
without modifications on all LDAP servers)?
"supposed to" and "actual" tend to be quite different, since the
SLAPI diverged from each other (Sun/Netscape/RedHat...), and OpenLDAP's
implementation is rather sparse, and only fleshed out on an as-needed basis.
(For example, Symas and LTB packages are SLAPI-enabled; I had tested
such a SLAPI plugin and it worked fine.)
It would be better to simply extend slapo-smbk5pwd with MIT support.
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/